CVE-2026-23314 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()

In bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns
without calling of_node_put(child), causing the device node reference
leak.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835
https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3
https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f

History

Wed, 25 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio() In bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns without calling of_node_put(child), causing the device node reference leak.
Title		regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835 https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3 https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-03-25T10:27:09.383Z

Updated: 2026-03-25T10:27:09.383Z

Reserved: 2026-01-13T15:37:45.994Z

Link: CVE-2026-23314

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-25T11:16:27.767

Modified: 2026-03-25T11:16:27.767

Link: CVE-2026-23314

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23314", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.994Z", "datePublished": "2026-03-25T10:27:09.383Z", "dateUpdated": "2026-03-25T10:27:09.383Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:27:09.383Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()\n\nIn bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns\nwithout calling of_node_put(child), causing the device node reference\nleak."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/bq257xx-regulator.c"], "versions": [{"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "93b64bef8cd4074806d981ed1b4c38c3ae0542e3", "status": "affected", "versionType": "git"}, {"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "aba54a5a113667df9d339f4192650f6bc27e9d1f", "status": "affected", "versionType": "git"}, {"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "4baaddaa44af01cd4ce239493060738fd0881835", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/bq257xx-regulator.c"], "versions": [{"version": "6.18", "status": "affected"}, {"version": "0", "lessThan": "6.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3"}, {"url": "https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f"}, {"url": "https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835"}], "title": "regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()", "x_generator": {"engine": "bippy-1.2.0"}}}}